CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

91 matches found

WordPress Advanced Access Manager - Path Traversal

The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. This allows unauthenticated attackers to read any file on the server, including sensitive file...

9.8CVSS7.3AI score0.02711EPSS

Exploits1References2

RedhatCVE•added 2026/06/05 7:16 p.m.•5 views

CVE-2026-42674

Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced Access Manager allows URL Encoding. This issue affects Advanced Access Manager: from n/a through 7.1.0...

7.5CVSS5.4AI score0.00394EPSS

Exploits0References1

NVD•added 2026/06/01 5:16 p.m.•13 views

CVE-2026-42674

Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced Access Manager allows URL Encoding. This issue affects Advanced Access Manager: from n/a through 7.1.0...

7.5CVSS0.00394EPSS

Exploits0References1

EUVD•added 2026/06/01 3:22 p.m.•9 views

EUVD-2026-33689

Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced Access Manager allows URL Encoding. This issue affects Advanced Access Manager: from n/a through 7.1.0...

7.5CVSS5.8AI score0.00394EPSS

Exploits0References1

Vulnrichment•added 2026/06/01 3:22 p.m.•9 views

CVE-2026-42674 WordPress Advanced Access Manager plugin <= 7.1.0 - Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced Access Manager allows URL Encoding. This issue affects Advanced Access Manager: from n/a through 7.1.0...

7.5CVSS5.8AI score0.00394EPSS

Exploits0References1

Cvelist•added 2026/06/01 3:22 p.m.•24 views

CVE-2026-42674 WordPress Advanced Access Manager plugin <= 7.1.0 - Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced Access Manager allows URL Encoding. This issue affects Advanced Access Manager: from n/a through 7.1.0...

7.5CVSS0.00394EPSS

Exploits0References1

CVE•added 2026/06/01 3:22 p.m.•15 views

CVE-2026-42674

The CVE concerns the WordPress plugin Advanced Access Manager (AAM)

7.5CVSS5.8AI score0.00394EPSS

Exploits0References1

Positive Technologies•added 2026/06/01 12:0 a.m.•11 views

PT-2026-45461

Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced Access Manager allows URL Encoding. This issue affects Advanced Access Manager: from n/a through 7.1.0...

7.5CVSS5.8AI score0.00394EPSS

Exploits0References2

CNNVD•added 2026/06/01 12:0 a.m.•7 views

WordPress plugin Advanced Access Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

7.5CVSS5.5AI score0.00394EPSS

Exploits0References1

Patchstack•added 2026/05/14 4:21 p.m.•8 views

WordPress Advanced Access Manager plugin <= 7.1.0 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by Tiago Ventura @perses in WordPress Plugin Advanced Access Manager versions = 7.1.0...

5.8AI score0.00394EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/01/09 9:29 a.m.•7 views

CVE-2023-50881

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AAM Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More allows Stored XSS.This issue affects Advanced Access Manager – Restricted Content, Users & Roles, Enhance...

6.5CVSS6.7AI score0.00309EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-23517

Malware in sbrugna...

4.3CVSS4.8AI score0.01059EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-26165

Malicious code in bioql PyPI...

7.1CVSS8.8AI score0.00438EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-56375

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00297EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-26162

Malicious code in bioql PyPI...

5.9CVSS8.6AI score0.00375EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-56374

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00328EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:0 a.m.•5 views

CVE-2024-29124

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AAM Advanced Access Manager allows Stored XSS.This issue affects Advanced Access Manager: from n/a through 6.9.20...

5.9CVSS8.6AI score0.00375EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:0 a.m.•7 views

CVE-2023-51675

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in AAM Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More.This issue affects Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More: from n/a through 6.9.18...

5.4CVSS6.7AI score0.00297EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:17 a.m.•4 views

CVE-2023-51674

6.5CVSS6.7AI score0.00328EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:3 p.m.•8 views

CVE-2021-24830

The Advanced Access Manager WordPress plugin before 6.8.0 does not escape some of its settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS6AI score0.00654EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by